- What's new
- Function Overview
- Service Overview
- Getting Started
-
User Guide
- Introduction
- Permissions Management
- Basics of the Container Engine
-
Image Management
- Uploading an Image Through a Container Engine Client (Recommended)
- Obtaining a Long-Term Valid Login Command
- Uploading an Image Through SWR Console
- Pulling an Image
- Setting Image Attributes
- Sharing a Private Image
- Adding a Trigger
- Adding an Image Retention Policy
- Configuring Automatic Image Synchronization Between Regions
- Image Center
- Organization Management
- User Permissions
- Auditing
- Change History
- Best Practices
-
API Reference
- Before You Start
- Calling APIs
- API Overview
-
API
- Organization Management
- Managing Image Repositories
- Image Tag Management
- Shared Account Management
- API Version
- Organization Permission Management
- Image Permission Management
- Image Synchronization Management
- Trigger Management
- Image Retention Policy Management
- Temporary Login Command
- Quota Management
- Other
- Example Applications
- Appendixes
- SDK Reference
-
FAQs
- General FAQs
- Login Issues
- Synchronizing Images
- Pushing an Image
- Pulling an Image
-
Troubleshooting
- Why Does the Login Command Fail to Be Executed?
- Why Does an Image Fail to Be Pushed Through a Container Engine Client?
- Why Does an Image Fail to Be Uploaded Through SWR Console?
- Why Does the docker pull Command Fail to Be Executed?
- What Should I Do If Images Cannot Be Downloaded from Private Networks?
- What Do I Do If an Error Occurs When I Call an API?
-
Other FAQs
- Why Does a CCE Workload Cannot Pull an Image from SWR and a Message "Not Logged In" Is Displayed?
- How Many Tenants Can I Share an SWR Private Image With?
- Why Is an Image Pushed Using a Container Engine Client to SWR Different in Size From One Uploaded Through the SWR Console?
- Can I Pull Images on the SWR Console to a Local PC?
- Videos
- Glossary
-
More Documents
- User Guide
- API Reference
- User Guide (Paris Regions)
- API Reference (Paris Regions)
- User Guide (Kuala Lumpur Region)
- API Reference (Kuala Lumpur Region)
-
User Guide (Ankara Region)
- Service Overview
- Overview
- Permissions Management
- Basics of Docker
-
Image Management
- Pushing an Image Through a Container Engine Client
- Obtaining a Long-Term Valid Docker Login Command
- Obtaining a Long-Term Valid containerd Pull/Push Command
- Uploading an Image Through the SWR Console
- Pulling an Image
- Setting Image Attributes
- Sharing Private Images
- Adding a Trigger
- Adding an Image Retention Policy
- Organization Management
- User Permissions
- FAQs
-
API Reference (Ankara Region)
- Before You Start
- API Overview
- Calling APIs
- API
- Appendixes
- Permissions and Supported Actions
- General Reference
Copied.
VPN/Direct Connect Access
Scenario
If your local data center or private network cannot access SWR through a public network, you can use Direct Connect or VPN to connect to Huawei Cloud VPC and use a VPC endpoint to access SWR.
This solution applies only to pushing images through SWR. To pull images, you also need to configure a VPC endpoint for accessing OBS using the OBS private address.
Procedure
- Create a VPC. For details, see Creating a VPC.
- Create a Direct Connect connection or VPN so that the data center can connect to the VPC through Direct Connect or VPN.
- Buy a VPC endpoint.
a. Log in to the management console.
b. Click
at the upper left corner and select the desired region and project.
c. In the Service List at the upper left corner, choose Networking > VPC Endpoint.
d. On the displayed page, click Buy VPC Endpoint.
e. Configure the parameters as prompted.
f. Click Next.
g. Confirm the order details and click Submit.
- Obtain the private network IP address and domain name for accessing the VPC.
NOTE:
By default, the domain name resolution rule is automatically added to Huawei Cloud VPCs.
You only need to configure hosts for non-Huawei Cloud endpoints.
a. Go to the endpoint list.
b. Locate the purchased endpoint and click the endpoint ID to go to the details page.
c. On the page displayed, you can view the IP address and private network domain name of the endpoint.
Figure 1 Endpoint details page - Configure hosts of the local data center. The hosts IP address consists of the IP address and private network domain name of the endpoint. Example:
Figure 2 Example hosts
CAUTION:
In this section, 172.xx.xx.xx swr.ap-southeast-1.myhuaweicloud.com is only an example. Replace it with the actual IP address and private network domain name.
There are two configuration methods:
- Configuring Hosts for Linux:
- Run the following command to open the /etc/hosts file:
sudo vim /etc/hosts
- Add a custom domain name in the format of xx.xx.xx.xx swr.xx -xx.myhuaweicloud.com.
NOTE:
xx.xx.xx.xx and swr.xx -xx.myhuaweicloud.com indicate the IP address and domain name obtained in 4, respectively.
- Run the following command to restart the network.
sudo/etc/init.d/networking restart
- Customizing DNS Hosts:
- Obtain the IP address of the VPC endpoint by referring to 4.
- Configure DNS forwarding rules on the DNS server in the local data center.
The method of configuring DNS forwarding rules varies depending onOSs. For details, see the operation guide of the corresponding DNS software.
This step uses the Linux OS and Bind (common DNS software) as an example.
- Edit the /etc/named.conf file to add a zone.
zone " swr.xx-xx.myhuaweicloud.com " IN { type master; file " /var/named/swr.xx-xx.myhuaweicloud.com.zone"; };
- Configure forward DNS resolution. Create the /var/named/swr.xx-xx.myhuaweicloud.com.zone file corresponding to the file in a.
$TTL 604800 @ IN SOA swr.xx-xx.myhuaweicloud.com. root.localhost. ( 2 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS swr.xx-xx.myhuaweicloud.com. swr.xx-xx.myhuaweicloud.com. IN A xx.xx.xx.xx
- Restart the service.
NOTE:
- You can query SWR endpoints in different regions in Regions and Endpoints.
- If no DNS server is available in the local data center, add the endpoint IP address for accessing DNS to the /etc/resolv.conf file of the local data center.
- swr.xx-xx.myhuaweicloud.com indicates the IP address obtained in Step 4.
- Edit the /etc/named.conf file to add a zone.
- Run the following command to verify the configuration and check the output.
ping swr.xx -xx.myhuaweicloud.com
- Use this domain name (swr.xx -xx.myhuaweicloud.com) in the later access to SWR.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot